URL: https://www.crocs.de/?cid=4OF
Submission Tags: 0xscam
Submission: On April 24 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 8 HTTP transactions. The main IP is 2606:4700:4400::6812:2588, located in the United States and belonging to CLOUDFLARENET, US. The main domain is www.crocs.de.
TLS certificate: Issued by DigiCert EV RSA CA G2 on April 10th 2023. Valid for: a year.
This is the only time www.crocs.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 2606:4700:440... 13335 (CLOUDFLAR...)
2 13.32.99.44 16509 (AMAZON-02)
8 3
Apex Domain | Subdomains | Transfer
7 crocs.de | www.crocs.de | 139 KB
2 cdndex.io | reporting.cdndex.io — Cisco Umbrella Rank: 27068 | 398 B
8 2
Domain Requested by
7 www.crocs.de 1 redirects www.crocs.de
2 reporting.cdndex.io www.crocs.de
8 2

This site contains no links.

Subject | Issuer | Validity | Valid
www.crocs.com | DigiCert EV RSA CA G2 | 2023-04-10 - 2024-05-10 | a year
reporting.cdndex.io | Amazon RSA 2048 M02 | 2024-03-12 - 2025-04-09 | a year

This page contains 2 frames:

Primary Page: https://www.crocs.de/?cid=4OF
Frame ID: 19E42746C1F2C728E8E5EFBFC7BB7607
Requests: 6 HTTP requests in this frame

Frame: https://www.crocs.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Frame ID: 4AF9FE3A55718BB399E425AE40BE6CED
Requests: 2 HTTP requests in this frame

Page Statistics

8 Requests
88 % HTTPS
50 % IPv6
2 Domains
2 Subdomains
3 IPs
1 Countries
139 kB Transfer
344 kB Size
4 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://www.crocs.de/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.crocs.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.crocs.de/
2 KB
3 KB
Document
General
Full URL
https://www.crocs.de/?cid=4OF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2588 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c76fd5d7230513eeec9d561fc4cf3ba83548424e706fe743a9202caa6a5dbc5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-expose-headers
x-kpsdk-ct,x-kpsdk-r,x-kpsdk-c
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
MISS
cf-ray
8798fd7ead9c65a7-FRA
content-type
text/html; charset=utf-8
date
Wed, 24 Apr 2024 20:54:44 GMT
expires
0
p3p
CP="This site does not specify a policy in the P3P header"
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-kpsdk-ct
01MMfulqkLsIBnlq51qzVscCMydoFhZnYEMh30I4y8hZIsCXISqBk5J4X113lVcCIWZ4vzJG3Ib7JjfGGrKVZuKHky0OTf99ZVfZv9xj6sobqdACey2PNwduO2NJi9RyCeuVsX03YYim8Deigvprgz6IF02Zh7jJX35LKNpfMb4OkvWbg0Nc4gN9AzcmPxhxCKSNU
ips.js
www.crocs.de/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/
300 KB
118 KB
Script
General
Full URL
https://www.crocs.de/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?__cf__client__uuid_=01MMfulqkLsIBnlq51qzVscCMydoFhZnYEMh30I4y8hZIsCXISqBk5J4X113lVcCIWZ4vzJG3Ib7JjfGGrKVZuKHky0OTf99ZVfZv9xj6sobqdACey2PNwduO2NJi9RyCeuVsX03YYim8Deigvprgz6IF02Zh7jJX35LKNpfMb4OkvWbg0Nc4gN9AzcmPxhxCKSNU&x-kpsdk-im=CiRlZDc5ZTQ3MC0xODVjLTRiYzctOWViYS1mYTY0ODE2ZmQwNmQ
Requested by
Host: www.crocs.de
URL: https://www.crocs.de/?cid=4OF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2588 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bd4d973d6696b168da894a9e4a8899f174fc7049bfe03b0c51366662d70186f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.crocs.de/?cid=4OF
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 20:54:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
x-kpsdk-ct
01FY2KUg9BdtlJvAJtC6PDCbbby0k8OK4B3RG7UCn2dZcJnGgmPqUmp7uMguefuQxCEqa42JxSuV3Cjht8wWSfRWAMbJvhYMPnHVDZTOXF1msl0oLSeM41ETVShrp9GQ4UURAMSllVIzXPRz6XfCqs08WkX62i6s4K3FsEFJsmM4USIId2A6J0tFtxudhah1M6W10
server
cloudflare
content-type
application/javascript; charset=utf-8
p3p
CP="This site does not specify a policy in the P3P header"
access-control-expose-headers
x-kpsdk-ct,x-kpsdk-r,x-kpsdk-c
cache-control
no-cache, no-store, must-revalidate
cf-ray
8798fd830ada65a7-FRA
alt-svc
h3=":443"; ma=86400
expires
0
error
reporting.cdndex.io/ Frame
0
0
Preflight
General
Full URL
https://reporting.cdndex.io/error
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-44.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.crocs.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
*
content-length
2
content-type
application/json
date
Wed, 24 Apr 2024 20:54:46 GMT
server
CloudFront
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-cf-id
atASCCjF6X3I055acc9TH2DR7ryfGWf6Qxoh5nKw6dUp6qDSvxzNxQ==
x-amz-cf-pop
FRA60-P3
x-cache
LambdaGeneratedResponse from cloudfront
error
reporting.cdndex.io/
8 B
398 B
XHR
General
Full URL
https://reporting.cdndex.io/error
Requested by
Host: www.crocs.de
URL: https://www.crocs.de/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?__cf__client__uuid_=01MMfulqkLsIBnlq51qzVscCMydoFhZnYEMh30I4y8hZIsCXISqBk5J4X113lVcCIWZ4vzJG3Ib7JjfGGrKVZuKHky0OTf99ZVfZv9xj6sobqdACey2PNwduO2NJi9RyCeuVsX03YYim8Deigvprgz6IF02Zh7jJX35LKNpfMb4OkvWbg0Nc4gN9AzcmPxhxCKSNU&x-kpsdk-im=CiRlZDc5ZTQ3MC0xODVjLTRiYzctOWViYS1mYTY0ODE2ZmQwNmQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-44.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
2cb69644d1877e6dfa38adcfddfc21208f12a43753394381a54587438db2e666

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.crocs.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Wed, 24 Apr 2024 20:54:47 GMT
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P3
x-cache
LambdaGeneratedResponse from cloudfront
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
content-type
application/json
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
content-length
8
x-amz-cf-id
1e2oZiIOpGHBNOg6qmzlks3OBwDRbvOXgFKJ_XGQKyHUfLlLTkcejQ==
truncated
/
369 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f2cf0c99091af44641cb27eee6a0f32a56aa85f446f60a9482864f2ade413d4

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
tl
www.crocs.de/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/
0
967 B
XHR
General
Full URL
https://www.crocs.de/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/tl
Requested by
Host: www.crocs.de
URL: https://www.crocs.de/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?__cf__client__uuid_=01MMfulqkLsIBnlq51qzVscCMydoFhZnYEMh30I4y8hZIsCXISqBk5J4X113lVcCIWZ4vzJG3Ib7JjfGGrKVZuKHky0OTf99ZVfZv9xj6sobqdACey2PNwduO2NJi9RyCeuVsX03YYim8Deigvprgz6IF02Zh7jJX35LKNpfMb4OkvWbg0Nc4gN9AzcmPxhxCKSNU&x-kpsdk-im=CiRlZDc5ZTQ3MC0xODVjLTRiYzctOWViYS1mYTY0ODE2ZmQwNmQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2588 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
x-kpsdk-im
CiRlZDc5ZTQ3MC0xODVjLTRiYzctOWViYS1mYTY0ODE2ZmQwNmQ
x-kpsdk-ct
01uJpp4MeXkfQcc8cdPpKE1DpjzpWxLTgPZ1IARxa0Mmq8Gy3N6y7Wk4yvXNX1suK9atGEY9nCV0iyK3dds7Nk82Q8By8WVRZdCgPby9MJTZvcrfVo6zOK97RlkIR6ogBabnuhJZokR3UlQkXOga01iken9mvtkFpST8DddBj9jU4vk67uie4zXCJJvr0zdldAHEv
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/octet-stream
x-kpsdk-dt
15ux42oy3lw6sz2jw76z01cbz116d
Referer
https://www.crocs.de/?cid=4OF
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:54:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
x-kpsdk-st
1713992086517
p3p
CP="This site does not specify a policy in the P3P header"
x-kpsdk-cr
false
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
x-kpsdk-ct
01PHZOjIiIpoWDa815py5FgnNKUF7lNIweCrLXJE90e8lMOTwTVVYaN4gd6uIXrEKBG8KZsNkwVXOytqki3avIVi1XXx4jxGriM9IJsd3smk2Ju1RG7jQqa5eJEjlDNHlkeuo0YD6mMLLtjJm8ESjuVpTL4jprXfHdpZgZUmy6BPRMxY9I1TMA4CrVhOLB76lA0ds
server
cloudflare
content-type
text/plain
access-control-allow-origin
https://www.crocs.de
access-control-expose-headers
x-kpsdk-ct,x-kpsdk-r,x-kpsdk-c
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8798fd8c0bf865a7-FRA
expires
0
main.js
www.crocs.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/ Frame 4AF9
Redirect Chain
  • https://www.crocs.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.crocs.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
8 KB
4 KB
Script
General
Full URL
https://www.crocs.de/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Protocol
H3
Server
2606:4700:4400::6812:2588 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08f0db411111abe08e4ce4b780c3a1ffcc03780515e786a1bf228d88ae11d25
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Apr 2024 20:54:46 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8798fd8c4c4565a7-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 24 Apr 2024 20:54:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
8798fd8c2c1765a7-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
www.crocs.de/
35 KB
12 KB
Other
General
Full URL
https://www.crocs.de/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2588 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8e27be2a5e72f47d5c2866decf21301ccd6e6efceba65e548304bbd96fe0605
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.crocs.de/?cid=4OF
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:54:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
55471
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 23 Apr 2024 17:02:47 GMT
server
cloudflare
vary
accept-encoding
content-type
image/x-icon
access-control-expose-headers
x-kpsdk-ct,x-kpsdk-r,x-kpsdk-c
cache-control
public, max-age=2678400
cf-ray
8798fd8c2c2165a7-FRA
x-dw-request-base-id
k_nMfukiKGYBAAB_
expires
Sat, 25 May 2024 20:54:46 GMT
8798fd7ead9c65a7
www.crocs.de/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 4AF9
0
334 B
XHR
General
Full URL
https://www.crocs.de/cdn-cgi/challenge-platform/h/b/jsd/r/8798fd7ead9c65a7
Requested by
Host: www.crocs.de
URL: https://www.crocs.de/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2588 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 24 Apr 2024 20:54:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains
server
cloudflare
cf-ray
8798fd8cdcfd65a7-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain; charset=UTF-8

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| KPSDK

4 Cookies

Domain/Path Name / Value
.crocs.de/ Name: __cf_bm
Value: w5XcvFlp_deu9_ThpJDFQgvzVl77.epBpErG08N4T4w-1713992084-1.0.1.1-W5s7dh2FYpSLN_MOFdJQ6QKe5cinfJaN9V7OetldgH3iQWC3PEqpkodpFiArWC7Rpuj4JTR83EB0LFW8dCJzbQ
.crocs.de/ Name: cf_clearance
Value: rZhI1QtEzVnavq_tm2aedH97XC0azIBrMSF6JGnH5Ag-1713992086-1.0.1.1-SSEyM5hd5OP_.BwIrTN2qAUcTIDY3PP8kkkuUrydUuZpoAXoexWyaLuHXPhYvdX4VzntHotywKp3K4EZFtk2.Q
www.crocs.de/ Name: __cf__client__uuid_-ssn
Value: 01PHZOjIiIpoWDa815py5FgnNKUF7lNIweCrLXJE90e8lMOTwTVVYaN4gd6uIXrEKBG8KZsNkwVXOytqki3avIVi1XXx4jxGriM9IJsd3smk2Ju1RG7jQqa5eJEjlDNHlkeuo0YD6mMLLtjJm8ESjuVpTL4jprXfHdpZgZUmy6BPRMxY9I1TMA4CrVhOLB76lA0ds
www.crocs.de/ Name: __cf__client__uuid_
Value: 01PHZOjIiIpoWDa815py5FgnNKUF7lNIweCrLXJE90e8lMOTwTVVYaN4gd6uIXrEKBG8KZsNkwVXOytqki3avIVi1XXx4jxGriM9IJsd3smk2Ju1RG7jQqa5eJEjlDNHlkeuo0YD6mMLLtjJm8ESjuVpTL4jprXfHdpZgZUmy6BPRMxY9I1TMA4CrVhOLB76lA0ds

1 Console Messages

Source Level URL
Text
network error URL: https://www.crocs.de/?cid=4OF
Message:
Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains